# Brute Force Protection
# About
Enhance has built in brute force protection to help protect logins on your cluster from automated attacks like brute force and DDOS attacks.
Enhance doesn't install fail2ban or similar tools.
The Brute Force protection is enbaled by default. Rate limiting and manual permenant allow and block lists can be configured for both email and IP addresses.
# Configure Brute Force
- Open Settings in the left sidebar
- Select Platform
- Navigate to Brute force protection
- Configure your changes:
Email Rate limiting - This tool allows you to configure the number of failed login attempts allowed within a 1 minute interval before a user's Email address is automatically rate limited.
Default: 10
Email Manual permanent blocking
This tools allows you to add email addresses to an allowed or blocked list.
IP address Rate limiting- This tool allows you to configure the number of failed login attempts allowed within a 1 minute interval before a user's IP address is automatically rate limited.
Default: 8
IP address permanent blocking This tools allows you to add email addresses to an allowed or blocked list.